Context Navigation

Timeline

02/09/11:

<rdar://problem/8805364> Malloc zone enumeration code should be safe in the face of errors from the memory reader.

Reviewed by Sam Weinig.

wtf/FastMalloc.cpp:

(WTF::PageHeapAllocator::recordAdministrativeRegions): Use the new helper function to walk the linked list safely.
(WTF::TCMalloc_ThreadCache_FreeList::enumerateFreeObjects): Ditto.
(WTF::TCMalloc_Central_FreeList::enumerateFreeObjects): Ditto.
(WTF::TCMallocStats::PageMapFreeObjectFinder::visit): Bail out if the span could not be read.
(WTF::TCMallocStats::PageMapMemoryUsageRecorder::visit): Ditto.

wtf/MallocZoneSupport.h:

(WTF::RemoteMemoryReader::operator()): Remove an assert that is not valid.
(WTF::RemoteMemoryReader::nextEntryInLinkedList): Add a helper function for retrieving the next entry in
a linked list. It maps a failed read of the remote memory in to a null pointer, which all callers can
handle gracefully.

Fix an issue when ShadowBlur had a cached image buffer
that was larger than that of the current shadow being drawn,
and the current shadow was partially clipped out.

In that situation endShadowLayer() would clip to the image
buffer, using the size of the buffer (as it must), but failed
to take into account the fact that we'd only cleared and painted
into a smaller section of the buffer. So we need to additionally
constrain the clip to cover only the valid part of the buffer.

The bug was caused by RenderBlock::positionForPoint's improperly returning a shadow node inside
RenderFileUploadControl for hit testing and VisibleSelection::toNormalizedRange's always assuming
the position variable "s" is not null.

Fixed the bug by always returning a null position from RenderFileUploadControl::positionForPoint,
and also exiting early when either "s" or "e" is null in VisibleSelection::toNormalizedRange.

UIProcess/API/mac/WKPrintingView.h: Moved _isForcingPreviewUpdate into a static variable,
because dispatching a notification affects all WKPrintingViews at once.

UIProcess/API/mac/WKPrintingView.mm:
(-[WKPrintingView _updatePreview]): Updated for new variable name.
(-[WKPrintingView knowsPageRange:]): Don't break if the method is called twice in a row
(we already had this logic when printing from separate thread, but not for preview).
(-[WKPrintingView drawRect:]): Changed all LOG messages to have view object address for
easier matching.
(-[WKPrintingView rectForPage:]): Ditto.
(-[WKPrintingView beginDocument]): Ditto.
(-[WKPrintingView endDocument]): Ditto.

nrwt multiprocessing: minor cleanup prior to implementing the new worker

This patch renames AbstractManager to ManagerConnection and
changes some argument names to be more consistent between
manager_worker_broker and message_broker. It also fixes a couple
of typos in message_broker. These changes will be tested by code
introduced in the next patch.

I've changed to source to WebKit style and abstracted the operating
system interaction to OSRandomSource. We'll use this functionality to
expose a cryptographically strong random number generator to
JavaScript.

Tests for various cases involving document.open/write/close. Not all
of them are related to this patch, but they were helpful to me in
working through this patch, so I've added them in case they're useful
in the future.

Move our implementation of document.close closer to the spec by
introducing the notion of a script-created parser. This area of our
code is somewhat hairy. It might take a few more iterations before we
fully come up to spec.

Removes deprecated interface WebAutoFillClient::didAcceptAutocompleteSuggestion(). This interface has been replaced by the more general WebAutoFillClient::didAcceptAutoFillSuggestion() method.​https://bugs.webkit.org/show_bug.cgi?id=54125

Export WebInputElement::defaultMaxLength as a function rather than a constant.
Needed because the order of initialization of static constants
is not guaranteed across compilation units.​https://bugs.webkit.org/show_bug.cgi?id=54056

public/WebInputElement.h:

src/WebInputElement.cpp:
(WebKit::WebInputElement::defaultMaxLength): Now a static function.

Since r73535 a ContextMenu is only created when a context menu
event is received, so QWebPage::updatePositionDependentActions()
can't depend on one being there if it is called directly by
the client. QtWebKit itself only ever calls updatePositionDependentActions()
when a context menu event has been received.

Update tst_QWebPage:contextMenuCrash to create a context menu.
Add tst_QWebPage:updatePositionDependentActionsCrash to test for this crash.

There doesn't seem to be a good reason for creating a context menu if
clients call QWebPage::updatePositionDependentActions() when no
context menu event has ever been received.

A somewhat blind attempt to move Android.mk into the Source directory.
I'm sure I've goofed this up in some way. The Android folks have
kindly volunteered to fix this up once they merge past this revision.

This fix is for 2d.imageData.put.alpha.html with --accelerated-2d-canvas. No new tests.

platform/graphics/skia/ImageBufferSkia.cpp:
(WebCore::ImageBuffer::putUnmultipliedImageData): needs to call syncSoftwareCanvas() to sync between hardware and software.
(WebCore::ImageBuffer::putPremultipliedImageData): needs to call syncSoftwareCanvas() to sync between hardware and software.

Implements Locale object of JavaScript internationalization API proposal, as an
v8 extension. Extension code is hosted in v8 project (src/extensions/experimental/i18n-extension.{cc,h})
and in this patch we just provide flags, tests and build rules for chromium port.​https://bugs.webkit.org/show_bug.cgi?id=49414

Implements Locale object of JavaScript internationalization API proposal, as an
v8 extension. Extension code is hosted in v8 project (src/extensions/experimental/i18n-extension.{cc,h})
and in this patch we just provide flags, tests and build rules for chromium port.​https://bugs.webkit.org/show_bug.cgi?id=49414

Implements Locale object of JavaScript internationalization API proposal, as an
v8 extension. Extension code is hosted in v8 project (src/extensions/experimental/i18n-extension.{cc,h})
and in this patch we just provide flags, tests and build rules for chromium port.​https://bugs.webkit.org/show_bug.cgi?id=49414

Implements Locale object of JavaScript internationalization API proposal, as an
v8 extension. Extension code is hosted in v8 project (src/extensions/experimental/i18n-extension.{cc,h})
and in this patch we just provide flags, tests and build rules for chromium port.​https://bugs.webkit.org/show_bug.cgi?id=49414

platform/graphics/ShadowBlur.cpp:
(WebCore::computeSliceSizesFromRadii): Compute the slice sizes
for the eight-piece shadow template.
(WebCore::ShadowBlur::templateSize): Compute the size of the template,
given the slice sizes.
(WebCore::ShadowBlur::drawRectShadow): Bail early if layerRect is empty
(which probably means we're clipped out). Call templateSize() and use
the result to decide whether to tile.
(WebCore::ShadowBlur::drawInsetShadow): New method for inset shadows.
(WebCore::ShadowBlur::drawRectShadowWithoutTiling): Code moved.
(WebCore::ShadowBlur::drawInsetShadowWithoutTiling): The non-tiling code
path for inset shadows.
(WebCore::ShadowBlur::drawInsetShadowWithTiling): Fill the shadow template
buffer, paint the non-blurred area of the destination, and then call drawLayerPieces()
to paint the eight-piece template image.
(WebCore::ShadowBlur::drawRectShadowWithTiling): Refactored code, now
shares the blurring code via blurAndColorShadowBuffer(), and the tiled template
drawing via drawLayerPieces().
(WebCore::ShadowBlur::drawLayerPieces): Draw an eight-piece image from the
shadow template to the destination.
(WebCore::ShadowBlur::blurAndColorShadowBuffer): Blur the pixels in the image
buffer, and colorize them using the CompositeSourceIn operation.

Hide the ugly details of WebView::m_window initialization from WebPageProxy, and make it less ugly

WebView::WebView was initially creating a hidden window, then showing it. It would tell
WebPageProxy about the window while it was still hidden, and then have to inform
WebPageProxy that the window had become shown. This resulted in WebPageProxy sending
unnecessary messages to the web process, and confused code that assumed that the window
would be in the same state after WebView's constructor exited as it was when WebPageProxy
first found out about the window.

We now don't hide the window when creating it, which simplifies the code, and only tell
WebPageProxy about the window after we're done modifying it, which fixes the bug.

(WebKit::WebView::WebView): Changed ::CreateWindowEx to ::CreateWindowExW, to match other
Win32 API calls in WebKit2. Pass WS_VISIBLE to ::CreateWindowExW rather than waiting until
later to show the window. Added an assertion that m_isVisible matches the window's visible
state. Don't even create our WebPageProxy, or tell it about our window, until we're done
initializing our window, so that it doesn't get informed about our window's internal state
changes that happen beneath ::CreateWindowExW.
(WebKit::WebView::onSizeEvent): Null-check m_page since we can receive this message beneath
::CreateWindowExW.
(WebKit::WebView::onShowWindowEvent): Ditto. Replaced one FIXME with another. Always set
handled to false so that ::DefWindowProcW can do its thing. (MSDN says this is when it
actually shows/hides the window, though I couldn't find any consequences of not calling
::DefWindowProcW here.)

The PlatformCAAnimation::create() function which took a pointer to another
PlatformCAAnimation was supposed to make a copy of that passed object.
But it was doing completely the wrong thing on Mac and was leaking an object
to boot. And the notion of copying an object using a static creation function
is wrong in the first place. So I changed it to a member copy() function
which would create a new PlatformCAAnimation which was a copy of 'this' and
return it. I changed the implementation on both Mac and Win to match.

This problem was not caught by DRT, even there is a specific test for it.
That test just verifies that the higher level logic is working
properly, which it is. There's no practical way to find out if the
layer is currently animating. There is no logic which probes that
deeply into the layer mechanics.

When building with SHARED_CORE enabled, the symbols of ContextMenu
were both in webkit and webcore. This removes them from webcore and
shall be put back once the CROSS_PLATFORM_CONTEXT_MENUS is implemented
in EFL port.

Added new text expectations for GTK port. They should be actually
valid for any port using the libsoup backend. We need different
results because as stated here​https://bugs.webkit.org/show_bug.cgi?id=3812#c6, the original test
results were designed for NSURLConnection which adds the
"Content-Length: 0" header for null message bodies. That does not
happen in libsoup, so instead of artificially add that header we
better generate different results.

Also take into account that for HEAD and GET requests the body is
not included so we should expect always a null for them.

runtime/CollectorHeapIterator.h:
(JSC::CollectorHeapIterator::isValid):
(JSC::CollectorHeapIterator::isLive): Updated for new mark invariant: To
know if an object is live, you just need to test its mark bit.

runtime/MarkedSpace.cpp:
(JSC::MarkedSpace::MarkedSpace): Moved waterMark and highWaterMark from
CollectorHeap into MarkedSpace, since they're global state. Removed call
to memset since CollectorHeap is a true class with its own constructor now.

(JSC::MarkedSpace::destroy): Change uses of m_heap.usedBlocks to
m_heap.blocks.size(), and m_heap.numBlocks to m_heap.blocks.capacity().

The bug was caused by Editor::selectionComputedStyle's modifying typing style without making a copy,
and its removing non-inheritable properties from the typing style. Fixed the bug by making a copy
before making the modification and not removing non-inheritable properties.

Also fixed a bug in selectionStartCSSPropertyValue that it doesn't handle xx-small to -webkit-xxx-large
by extracting a function from StyleChange::extractTextStyles and calling it in both extractTextStyles
and selectionStartCSSPropertyValue.

Test: editing/style/query-typing-style.html

editing/ApplyStyleCommand.cpp:
(WebCore::legacyFontSizeFromCSSValue): Extracted from StyleChange::extractTextStyles.
(WebCore::StyleChange::extractTextStyles): Calls legacyFontSizeFromCSSValue; this fixes the bug that
CSS values from xx-small through -webkit-xxx-large are not accounted.

editing/ApplyStyleCommand.h:

editing/Editor.cpp:
(WebCore::Editor::selectionStartCSSPropertyValue): Calls legacyFontSizeFromCSSValue.
(WebCore::Editor::selectionComputedStyle): Makes a copy before modifying typing style.
No longer calls removeNonEditingProperties on the copied typing style so that background-color property
is included when merged into the style.

layoutTestController.displayInvalidatedRegion() does a paint of any area that has been invalidated. This is different from layoutTestController.display() which explicitly invalidates the entire page then paints.

plugin.invalidateRect(left, top, right, bottom) - invalidates the given rect
This is used to test that invalidating a rect correctly causes a repaint of the plugin.

Adding a cache which holds the results of processing a path into
interior and exterior triangle meshes, according to the path
rendering algorithm from GPU Gems 3. No tests yet; will be tested
in conjunction with later code.

DrawingAreaImpl::setRootCompositingLayer can be called with a new layer even when already
in accelerated compositing mode. Similarly, it can be called with a null layer even when not
in accelerated compositing mode. Make the drawing area and layer tree host handle both these cases.

WebProcess/WebPage/DrawingAreaImpl.cpp:
(WebKit::DrawingAreaImpl::setRootCompositingLayer):
Only call enterAcceleratedCompositingMode if there is no layer tree host, otherwise
just call LayerTreeHost::setRootCompositingLayer.

(WebKit::DrawingAreaImpl::setSize):
Add an assert.

(WebKit::DrawingAreaImpl::enterAcceleratedCompositingMode):
Assert that we don't have a layer tree host.

(WebKit::DrawingAreaImpl::exitAcceleratedCompositingMode):
Assert that we do have a layer tree host.

(WebKit::DrawingAreaImpl::display):
If the call to display caused the page to enter accelerated compositing mode, we don't
want to send back an Update message.

This patch splits out the code used to find and log thread
stacks from NRWT-specific packages to something generic and
shareable by other python modules. It will be shared in the near
future by the manager_worker_broker module, for example.

new-run-webkit-tests: add simplified message broker for new-style
messaging. This change adds a very simple message broker that
will be used to shuttle messages between the TestRunner2 manager
thread and the Worker threads. For now the class is not used by
anything, but the eventual usage can be seen in the patches
attached to bug 49566.

Frame flattening algorithm requires that layout always starts from the main frame, since layout of
subframes impacts the layout of their parents.
There are places in the code that call view->layout() not on the main frame.
Instead of changing all the callsites, I changed FrameView::layout()
to force layout from the main frame if frame flattening is enabled.
In addition, postLayoutTasks can trigger relayout, so make it use the timer even more.
Move the call to SelectionController::updateAppearance() to performPostLayoutTasks(),
because calling the from layout() leads to a crash in pages that have a selection in an iframe.

Each WorkQueue now owns its own timer queue. When scheduleWorkAfterDelay is called, we
create a timer-queue timer with the given delay. When the timer fires, we schedule the work
on the queue and clean up the timer.

(WorkQueue::platformInitialize): Initialize m_timerQueue.
(WorkQueue::platformInvalidate): Clean up m_timerQueue.
(TimerContext::TimerContext): Added this helper object to hold the context needed by the
timer callback.
(WorkQueue::timerCallback): Added. Schedules the WorkItem on the WorkQueue and cleans up the
timer.
(WorkQueue::scheduleWorkAfterDelay): Create a timer-queue timer on our timer queue that will
fire after the given delay. Pass a new TimerContext object to the timer callback that
contains the information it needs.

Unskip a series of tests that seem to be passing locally. Also unskip
a test that was mistakenly reskipped in r77979 due to what looks like a
merge issue. Rebaseline two of these test which have results originating
from long ago.

Changed ASSERT to be an if for the case where the RuntimeObject was
GC'ed before RootObject::invalidate is called. In that case there is
no need to remove the RuntimeObject from the RootObject. The isValid()
call will be false in this case, but the RuntimeObject has already
been removed from the RootObject. Added similar defensive code
in RootObject::removeRuntimeObject().

This simplifies access to mark bits, since any cell-aligned pointer
into a block now has a valid mark bit to test.

runtime/MarkedBlock.h: Changed CELLS_PER_BLOCK to account for the extra
mark bits. This happens not to change its actual value.
(JSC::MarkedBlock::cellNumber):
(JSC::MarkedBlock::isMarked):
(JSC::MarkedBlock::testAndSetMarked):
(JSC::MarkedBlock::setMarked): Changed const JSCell* to const void* to
remove a cast from our caller, and to more accurately reflect the fact
that MarkedBlock is agnostic about the types pointed to by the pointers
you pass to it.

(JSC::MarkedBlock::isPossibleCell): Removed a null check. We now consider
the null pointer to be a possible cell with a 0 (impossible) block. This
removes a null check from marking.

runtime/MarkedSpace.cpp:

runtime/MarkedSpace.h:
(JSC::MarkedSpace::contains): Simplified the contains check, and inlined
the whole thing, now that it's so simple.

This crash seems to happen when the animation is running
and a window is closed. If the ScrollAnimator is destroyed,
delegate calls for the animation can still run, so we have
to make sure we inform the delegates when the ScrollAnimator
is gone, and then we have to null-check it before we do
anything with it.

Make sure to close the web inspector web page proxy before calling platformClose, since
platformClose can cause the web page proxy to try to send messages (such as SetActive)
to the web process while it's in a bad state.

The original fix, ​http://trac.webkit.org/changeset/77866, put the call to m_page->close() in
WebInspectorProxy::didClose, which was wrong and lead to crashes. The right place to close the page
is in WebInspectorProxy::invalidate.

platform/gtk/ScrollbarThemeGtk.cpp:
(WebCore::ScrollbarThemeGtk::paint): We only repaint the scrolled
window background if we are repainting a button or the thumb. In that
case also repaint the track rect.

platform/gtk/WidgetRenderingContext.cpp: Ditto.
(WebCore::WidgetRenderingContext::gtkPaintBox): Added an option which
also adjusts a widget allocation according to the paint rect. This is
necessary to properly draw scrollbar buttons.

This is the second part of refactoring the HTMLMediaElement to use new
shadow DOM. The changes are mainly mechanical, except for needing to
add a new method to RenderTheme, which indicates whether or not status
display is being used by it. Previously, we relied on existence of a cached
pseudo style.

html/shadow/MediaControls.cpp:
(WebCore::MediaControls::createPanel): Changed to use the newly-added MediaControlPanelElement.
(WebCore::MediaControls::createCurrentTimeDisplay): Changed to use the newly-added

MediaControlCurrentTimeDisplayElement.

(WebCore::MediaControls::createTimeRemainingDisplay): Changed to use the newly-added

MediaControlTimeRemainingDisplayElement.

rendering/MediaControlElements.cpp:
(WebCore::MediaControlShadowRootElement::updateStyle): Changed to use the

Windows never got patched to pass in the page height to WebCore, so when WebCore's pagination got re-written to depend on this
value, Windows got broken. Patch setPrinting to be identical to WebKit1 on OS X and to have it take an extra minimum page height
argument.

All the Inspector API for WebCore has two parts.
The first one is InspectorInstrumentation for WebCore.
The second is InspectorController for WebKit.
InspectorAgent was produced by renaming original InspectorController.
This patch extracts WebKit related methods from InspectorAgent to InspectorController.

Whenever we stop a timer, we call ::KillTimer to cancel any future firings of the timer. But
::KillTimer doesn't do anything about WM_TIMER messages that have already been posted to the
message queue. We need to handle those, too.

Don't mark a Connection as connected until open() is called on Windows

This matches Mac. Even though the Connection's pipe is connected before open() is called,
the Connection itself isn't really connected to the pipe until then, and we won't actually
read any data from before that point.

(CoreIPC::Connection::platformInitialize): Moved code to set m_isConnected from here to
open.
(CoreIPC::Connection::platformInvalidate): Unset m_isConnected, to match Mac. (This isn't
part of the bug fix, but seemed worthwhile.)
(CoreIPC::Connection::open): Set m_isConnected now that we're going to listen on the pipe.

Support handling either an array or a string for the modifier argument
to EventSender.keyDown.

DumpRenderTree/gtk/EventSender.cpp:
(gdkModifierFromJSValue): Added this helper which factors out the
string comparison bits.
(gdkModifersFromJSValue): Test up front whether the value is a string,
to handle it specially.

Removed two of the three almost-duplicate test expectations
between {media,platform/chromium-{mac,win}} by excluding file
extensions from the emitted output.
Removed outdated test_expectation for deleted test.​http://crbug.com/28993

The Leopard Debug builder has been failing to compile for several days.
My understanding is that folks are working on fixing the build, but for
the time being we should probably remove it from the list of core
builders so that the core waterfall can be green. We can certainly add
it back once the build is fixed.

Also, I've removed the Tiger builders because those no longer appear to
be attached to the buildbot master.

Remove didCloseOnConnectionWorkQueue from Connection::Client and add
Connection::setDidCloseOnConnectionWorkQueueCallback which takes a static
function, eliminating the race condition in connectionDidClose where m_client could be
nulled out in the client thread right before we try to dereference it.

platform/win/DragImageWin.cpp: Moved createDragImageForLink from DragClient

to a platform specific file in WebCore. It makes a lot more sense here, since
the drag image is always created in WebCore for all the other content types
except for links.
(WebCore::dragLabelFont):
(WebCore::createDragImageForLink):

platform/win/WCDataObject.cpp: Added new way to

construct a WCDataObject from a DragDataMap.
(WebCore::WCDataObject::createInstance):
(WebCore::WCDataObject::clearData):

This patch contains the remaining work to support
a WebKit window as drag source on Windows.
I've added the code to generate the image for dragging a link as
well as the steps necessary to package the HBITMAP into a SharedMemory
object and send it over to the UI process where DoDragDrop is performed.

Make sure to close the web inspector web page proxy before calling platformClose, since
platformClose can cause the web page proxy to try to send messages (such as SetActive)
to the web process while it's in a bad state.

Refactored SolidFillShader and TexShader to call new
generateVertex() and generateFragment() methods on base Shader
class, and added support for the Loop/Blinn shaders. Refactored
Loop/Blinn shader classes to derive from Shader.

Tested these changes with several of the IE9 Testdrive demos with
accelerated 2D canvas enabled, as well as a full layout test run
with --platform chromium-gpu.

In some cases we're writing an invalid session state for a back/forward list where the current entry is 0
but the number of entries is also 0.
In such cases the current entry should be "NoCurrentEntryIndex."

When we later read this state in, we set ourselves up to crash later.

Amusingly an ASSERT caught this, but we should've rejected it before the ASSERT fired.

UIProcess/cf/WebBackForwardListCF.cpp:

(WebKit::WebBackForwardList::restoreFromCFDictionaryRepresentation): Fail the restore if the "current index past the end

of the list" case occurs, and speculatively bail out of the case where we have no current index but do have a list.
Also remove the unhelpful ASSERT.

xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::dropProtection): Take the JSLock before
reporting extra cost to the JavaScriptCore heap, since all use of
JavaScriptCore is supposed to be guarded by JSLock.

(WebCore::BlobResourceHandle::BlobResourceHandle):
(WebCore::BlobResourceHandle::cancel):
(WebCore::delayedStartBlobResourceHandle):
(WebCore::BlobResourceHandle::start): Keep BlobResourceHandle alive
till the delay function is called.
(WebCore::BlobResourceHandle::doStart):
(WebCore::doNotifyFinish):
(WebCore::BlobResourceHandle::notifyFinish): Notify the client via the
standalone function to prevent the handle from being disposed immediately
by the client which will make the calls in the stack that're still bound
to the handle suffer.

(WebKit::BitmapDC::operator HDC):
(WebKit::BitmapDC::BitmapDC):
(WebKit::BitmapDC::~BitmapDC):
Added this helper class, which uses RAII to select a bitmap into a new memory DC.
(WebKit::BackingStore::paint): Wrap our bitmap in a BitmapDC and use ::BitBlt to copy the
specified rect into the destination DC.
(WebKit::createBitmap): New helper function, just creates a DIB section with the specified
size.
(WebKit::BackingStore::incorporateUpdate): Ported from BackingStoreMac.mm. It seems like
this code could be shared at some point.
(WebKit::BackingStore::scroll): Wrap our bitmap in a BitmapDC and use ::ScrollDC to scroll
the specified rect.

UIProcess/win/WebView.cpp:

(WebKit::useNewDrawingArea): Added. Returns true if the WEBKIT2_USE_NEW_DRAWING_AREA
environment variable is set.
(WebKit::drawPageBackground): New helper function. Code came from onPaintEvent.
(WebKit::WebView::onPaintEvent): Ported from -[WKView drawRect:].
(WebKit::WebView::createDrawingAreaProxy): Create a DrawingAreaProxyImpl if we're using the
new drawing area.

(WebKit::WebView::enterAcceleratedCompositingMode):
(WebKit::WebView::exitAcceleratedCompositingMode):
(WebKit::WebView::pageDidEnterAcceleratedCompositing):
(WebKit::WebView::pageDidLeaveAcceleratedCompositing):
Added some assertions to make sure these are only called when expected. We don't expect
enter/exitAcceleratedCompositingMode to be called at all right now, because accelerated
compositing is turned off in WebKit2 on Windows.

(WebKit::WebView::switchToDrawingAreaTypeIfNecessary): Ditto, and added a case for the
DrawingAreaInfo::Impl constant.

Long ago, PluginDocument always caused the HTMLEmbedElement to create
its widget synchronously during a post-layout task. Recently, however,
some changes to the HistroyController caused layout on back/forward to
become slightly more complicated (and added an extra level of recursion
to layout). This extra level of recursion triggered the "I've recursed
too many times" condition in the post-layout task queue, causing the
FrameView to run the remainder of the tasks asynchronously.
Unfortunately, that broke PluginDocument because it needs its the
HTMLEmbedElement's updateWidget task to run synchronously.

This patch adds a mechanism for "kicking off" the pending post-layout
tasks synchronously (instead of waiting for the timer to fire).
PluginDocument then uses that facility to ensure that the
HTMLEmbedElement's updateWidget task happens.

WebProcess/WebPage/DrawingAreaImpl.cpp:
(WebKit::DrawingAreaImpl::didInstallPageOverlay):
Add empty function. This will eventually ask the layer tree host to
create a GraphicsLayer for the page overlay.

(WebKit::DrawingAreaImpl::didUninstallPageOverlay):
Tell the page that it needs to be repainted.

(WebKit::DrawingAreaImpl::setOverlayNeedsDisplay):
Just call setNeedsDisplay for now.

(WebKit::DrawingAreaImpl::display):
Paint the page overlay too.

WebProcess/WebPage/DrawingAreaImpl.h:

WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::drawRect):
Only call drawPageOverlay if we have an old drawing area.

(WebKit::WebPage::drawPageOverlay):
Draw the page overlay. Code moved here from WebPage::drawRect.

This a temporary measure: actually one probably should never get empty handle
if there was no exception. The root cause is under investigation.
The bailout though allows Chromium not to crash---attempt to convert an empty
v8 hande into WebCore string crashes with invalid memory access.

html/canvas/WebGLRenderingContext.cpp: Allocate large enough buffer for atttrib0 if it's enabled and not used.
(WebCore::WebGLRenderingContext::initVertexAttrib0):
(WebCore::WebGLRenderingContext::simulateVertexAttrib0):

platform/text/TextCodecICU.cpp: Removed registration of UTF-8
since that's now handled by the built-in UTF-8 codec.
(WebCore::TextCodecICU::registerEncodingNames): Renamed to remove
the word "extended" since all codecs from ICU are now extended.
(WebCore::TextCodecICU::registerCodecs): Ditto.

platform/text/brew/TextCodecBrew.cpp:
(WebCore::TextCodecBrew::registerEncodingNames): Renamed to remove
the word "extended" since all codecs from Brew are now extended.
(WebCore::TextCodecBrew::registerCodecs): Ditto.

platform/text/brew/TextCodecBrew.h: Ditto.

platform/text/gtk/TextCodecGtk.cpp:
(WebCore::TextCodecGtk::registerBaseEncodingNames): Removed
registration of UTF-8. It's questionable whether the other codecs
here are really basic. If we think they qualify, then we should
register them on other platforms, not just GTK.
(WebCore::TextCodecGtk::registerBaseCodecs): Ditto.

platform/text/wince/TextCodecWinCE.cpp:
(WebCore::getCodePage): Removed special case for UTF-8 since we
no longer use this codec for UTF-8.
(WebCore::TextCodecWinCE::registerEncodingNames): Renamed to remove
the word "extended" since all codecs from WinCE are now extended.
(WebCore::TextCodecWinCE::registerCodecs): Ditto.

Precompiled headers need to be rebuilt if, e.g., an ENABLE_* macro is changed in one of our
.vsprops files. Unfortunately, Visual Studio isn't smart enough to figure this out, so we
give it some assistance by deleting the precompiled headers whenever any .vsprops file
changes.

return code from react-to-vsprops-changes.py so we will notice when errors are introduced.
But skip the script entirely in production builds, where it is both unnecessary and can't
function correctly (due to not having the entire source tree available to it).

(main): Removed an extra '*' in the glob for finding manifest files. The extra '*' was
leftover from before we rearranged WebKitBuild in r75138. Moved code to delete an old file
to the new delete_if_older_than function. Added code to delete any precompiled headers older
than the newest .vsprops file.
(delete_if_older_than): Added. Code came from main.

Chromium: add explicit "Passed" expectations for the tests which have "failed" expectations in platfrom/mac
The problem was introduced at r77719.
I have to do that because platform/mac is in the list of baseline folders.
See 'Tools/Scripts/webkitpy/layout_tests/port/chromium_linux.py'.

Removed LOOSE_OWN_ARRAY_PTR and OwnArrayPtr<T>::set. Replaced all calls to OwnArrayPtr::set
and loose instantiation of OwnArrayPtr by calls to operator= and adoptArrayPtr. Also removed
OwnArrayPtrCommon.h since PassOwnArrayPtr.h needs to include OwnArrayPtr.h and there is
no point in putting deleteOwnedArrayPtr into a separate header.

Note: if this patch breaks build, the code is either instiantiating OwnArrayPtr
without calling adoptArrayPtr or calling set on ArrayOwnPtr instead of operator=.

These classes will make it easier to write scripts that deal with test
outputs such as rebaselining and deduping scripts. The intent is that
eventually we will be have buildbot return TestOutputs for a
particular build which can be compared with TestOutputs derived from a
local LayoutTests directory.

WebProcess/WebPage/DrawingAreaImpl.cpp:
(WebKit::DrawingAreaImpl::enterAcceleratedCompositingMode): Handle the case
where this is called repeatedly without exiting accelerated composting mode
first.
(WebKit::DrawingAreaImpl::exitAcceleratedCompositingMode): Handle the case
of being called more than once.